6.4 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.1%
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack.
cupc4k3.lol/cve-2023-24625-idor-in-faveo-service-desk-37a63f53d896
medium.com/%40cupc4k3/vulnerabilities-in-faveo-service-desk-37a63f53d896
www.faveohelpdesk.com/servicedesk/